Top.Mail.Ru
? ?

November 26th, 2010

Yesterday a guy with his name written in Cyrillic letters ("Марк Коренберг") and a @gmail.com email address posted a kernel exploit to the Linux kernel mailing list (aka LKML). This morning one brave guy from our team tried to run it on his desktop -- and had to reboot it after a few minutes of total system unresponsiveness.

The bad news are the exploit is pretty serious and causes Denial of Service. It looks like most kernels are indeed vulnerable.

The good news is OpenVZ is not vulnerable. Why? Because of user beancounters.

All the gory detailsCollapse )

Of course, if you set all beancounters to unlimited, exploit will work. So don't do that, unless your CT is completely trusted. Those limits are there for a reason, you know.

Latest Month

July 2016
S M T W T F S
     12
3456789
10111213141516
17181920212223
24252627282930
31      

Comments

Powered by LiveJournal.com
Designed by Tiffany Chow